AWS Secrets Manager

Integrate AWS Secrets Manager with your Gatling scripts to securely retrieve and manage secret values after the initialization stage of your load generators.

Use Case

Integrating AWS Secrets Manager with Gatling allows secure access and retrieval of secret values directly within your Gatling scripts. This process is performed only once during the spawning of load generators in the initialization block, ensuring your secrets are handled securely before launching your simulation test.

Prerequisites

  • Utilizing Gatling Enterprise’s Private Locations feature. For more information, visit: Gatling Cloud Installation Guide
  • Using Gatling SDK with Java 1.x or 2.x.

Configuration

To enable secure access to AWS Secrets Manager, assign an IAM instance profile to your load generators. This profile should grant access permissions for retrieving and describing secrets as detailed below. For more information, visit: Gatling AWS Locations Configuration

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "secretsmanager:GetSecretValue",
                "secretsmanager:DescribeSecret"
            ],
            "Resource": "arn:aws:secretsmanager:{region}:{account-id}:secret:{secret-name}"
        }
    ]
}

Batch Retrieval Permissions

Installation

Install the AWS SDK into your Java project using either Maven or Gradle:

Suggested Implementation

Utilize the AWS SDK for Java 2.x to implement the Get a Secret Value sample from the AWS Secrets Manager examples. For more detailed examples, visit the AWS SDK for Java Code Examples.

import io.gatling.javaapi.core.*;

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
  
public class AWSSecretsManagerSampleJava extends Simulation {
    {
        String secretName = "my-secret-name";
        Region region = Region.of("{region-name}");

        SecretsManagerClient client = SecretsManagerClient.builder().region(region).build();

        GetSecretValueRequest getSecretValueRequest = GetSecretValueRequest.builder().secretId(secretName).build();
        GetSecretValueResponse getSecretValueResponse;

        try {
            getSecretValueResponse = client.getSecretValue(getSecretValueRequest);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }

        String secret = getSecretValueResponse.secretString();
    }
}

Edit this page on GitHub